User Manual

Enterasys X-Pedition User Reference Manual 451
Configuring the X-Pedition for Port Mirroring
The X-Pedition allows you to monitor activity with port mirroring. Port mirroring lets you monitor,
through one or more separate ports, the performance and activity of ports on the X-Pedition or of
traffic defined by an ACL. While in Configure mode, you can configure your X-Pedition
for port mirroring with a simple command line like the following:
Note: Port mirroring is available for WAN ports. However, port mirroring, ACL, and Layer-2
filtering are supported on a per-WAN-card basis, not a per-port basis. (You can only
configure port mirroring for the entire WAN card.)
Only IP ACLs can be specified for port mirroring.
The X-Pedition does not support port mirroring on ATM ports.
For additional information, see Port Mirroring on page 419.
Monitoring Broadcast Traffic
Broadcast Monitor, or bmon, allows users to monitor broadcast traffic and limit the amount of
unlearned traffic received for a specific port or ports and the control module. Users may also apply
bmon to an individual port only, allowing the port to shut down or redirect unlearned traffic to
another port if traffic flow exceeds a specific rate. Like rate limiting, bmon protects the CPU from
becoming bogged down in traffic. This is especially useful in protecting networks from Denial of
Service (DoS) attacks (would-be hackers often use these attacks to keep network hardware and end
systems too busy to process valid traffic).
Users may also configure the X-Pedition to shut down for a period of time if the number of packets
sent to the control module reaches a certain limit during a specific time interval. You may monitor
all unlearned packets or limit monitoring to broadcast packets only.
Configuration
If you expect to receive a low to moderate level of unlearned traffic on one or more ports, configure
those ports with bmon. When using the redirect option, keep the following in mind:
- A port cannot redirect traffic to itself.
- A single port cannot redirect traffic to multiple ports; however, you may configure multiple
  ports to redirect to the same port.
- The port receiving the redirected traffic must be able to handle such a load.
- The packets-limited option applies only to the redirect port.
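The redirect rules above can be checked against a planned configuration before it is applied. The following Python code is an added example, not part of the manual or any Enterasys tooling; the plan format (pairs of source port and redirect port) and the port names are constructed for illustration and are not X-Pedition command syntax.

```python
from collections import defaultdict

# Constructed sample plan: (port running bmon, port it redirects to).
# Port names are illustrative and not taken from the manual.
SAMPLE_PLAN = [
    ("et.1.1", "et.1.8"),
    ("et.1.2", "et.1.8"),   # allowed: several ports may share one redirect port
    ("et.1.3", "et.1.3"),   # violation: redirects to itself
    ("et.1.4", "et.1.8"),
    ("et.1.4", "et.2.1"),   # violation: et.1.4 already redirects to et.1.8
]


def check_redirect_plan(plan):
    """Return (violations, fan_in) for a list of (source, target) pairs."""
    violations = []
    target_of = {}               # first redirect target seen for each source
    fan_in = defaultdict(list)   # redirect port -> sources feeding it

    for source, target in plan:
        if source == target:
            violations.append(f"{source}: cannot redirect to itself")
            continue
        previous = target_of.get(source)
        if previous is not None and previous != target:
            violations.append(
                f"{source}: already redirects to {previous}, cannot also use {target}"
            )
            continue
        if previous is None:
            target_of[source] = target
            fan_in[target].append(source)

    return violations, dict(fan_in)


def report(plan):
    """Build report lines: rule violations first, then fan-in per redirect port."""
    violations, fan_in = check_redirect_plan(plan)
    lines = [f"VIOLATION {v}" for v in violations]
    # Fan-in is listed for manual review: the receiving port must be able
    # to handle the combined redirected load, which this check cannot measure.
    for target, sources in sorted(fan_in.items()):
        lines.append(f"REVIEW {target} receives redirects from: {', '.join(sources)}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_PLAN)))
```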
Configure port mirroring:
port mirroring dst-ports <port_list> [src-ports <port_list> | src-acl <acl_name>]